[ubuntu/xenial-updates] libreoffice 1:5.1.6~rc2-0ubuntu1~xenial3 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed Feb 21 22:03:51 UTC 2018
libreoffice (1:5.1.6~rc2-0ubuntu1~xenial3) xenial-security; urgency=medium
[ Marc Deslauriers ]
* SECURITY UPDATE: remote arbitrary file disclosure vulnerability using
WEBSERVICE
- debian/patches/CVE-2018-6871-1.patch: limit WEBSERVICE to http[s]
protocols.
- debian/patches/CVE-2018-6871-2.patch: better handle ScDde formulas
with missing dde-link entries.
- debian/patches/CVE-2018-6871-3.patch: handle ocWebservice similarly
to ocDde.
- debian/patches/CVE-2018-6871-4.patch: CheckLinkFormulaNeedingCheck()
for .xls and .xlsx formula cells.
- debian/patches/CVE-2018-6871-5.patch: CheckLinkFormulaNeedingCheck()
for conditional format expressions
- debian/patches/CVE-2018-6871-6.patch: CheckLinkFormulaNeedingCheck()
for named expressions
- debian/patches/CVE-2018-6871-7.patch: fix for DDE link update via
Function Wizard
- CVE-2018-6871
* SECURITY UPDATE: use-after-free in SwRootFrame
- debian/patches/layout-footnote-use-after-free.diff: fix layout
footnote use-after-free in SwRootFrame.
- No CVE number.
Date: 2018-02-19 16:33:12.783974+00:00
Changed-By: Olivier Tilloy <olivier.tilloy at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/libreoffice/1:5.1.6~rc2-0ubuntu1~xenial3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list